On Wed, Jul 23, 2014 at 4:28 PM, Zbigniew Jędrzejewski-Szmek <zbys...@in.waw.pl> wrote:
> Anyway, I think that /etc/login.defs support is made out to be something > much more complicated than it really is. IMHO we should: > > - read /etc/login.defs and fall back to the compiled in value > - use whatever result we get in coredump, journald, and sysusers > > It's not like the implementation would be hard, intrusive, or slow. It'd be > probably +3 lines in one or two places. It is not about the effort *how* to do it, it is *why*. And I still don't think we should have dynamic configuration options for this, it is all just a huge mess that needs to be limited to the bare minimum, it is just too broken as a concept to be supported that way. > If we come up with additional heuristics or rules to determine human > accounts, we can safely add them in a backwards compatible way. We cannot do any normal user queries from journald, so none of the metadata like the primary group is easily for a user is available. Sysusers is, and probably always will be, limited to the classic passwd, group file. Maybe we can just read the files ourselves and find out that a certain uid is a normal user? Like: - uid >= "1000" --> normal user - lookup uid in passwd - user not found --> normal user - user < 1000 && group == "users" --> normal user - everything else would be a system user Kay _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel